What has happened. With developments in May 2026 — the AI Omnibus, the final GPAI Code of Practice, the transparency guidelines consultations — the EU AI Act implementation timeline is clearer than ever. We summarize the key deadlines and put them into context for German-speaking enterprises.
The deadlines, condensed
February 2, 2025 (retroactively binding): Prohibited AI practices under Article 5 — social scoring, mass facial recognition in publicly accessible spaces, manipulation of vulnerable groups — have been banned for over a year. Any organization still operating such systems is not in a transition period, but in violation.
August 2, 2025: GPAI obligations for model providers come into force. Providers must supply model documentation, maintain training data policies, and cooperate with the AI Office.
August 2, 2026 (upcoming): Transparency obligations under Article 50 — chatbot disclosure, AI watermarking, deepfake disclaimers — become fully applicable. This is the next major lever, and it affects every organization deploying AI systems externally.
August 2, 2027: High-risk requirements for AI systems under Annex III of the AI Act become fully applicable. This covers AI in HR (application screening, performance management), credit allocation, education, law enforcement, migration and several other areas. Organizations deploying AI in these sectors should begin risk assessment by 2026 at the latest — otherwise the window will be tight.
August 2, 2027: Sector-specific high-risk requirements for AI in product safety-regulated areas (medical devices, machinery, toys, lifts, etc.) come into force.
What this means for practice
Three points for every organization that should have a clear AI compliance plan. First: inventory now. Any organization entering summer 2026 without an AI inventory has no foundation for the transparency obligation in August. Second: classification. For each AI system, an honest assessment of whether it falls under prohibited practices, high-risk, or general obligations. Third: documentation. Model cards, risk assessments, audit trails — from August onward, these are compliance materials, not marketing materials.
Organizations needing a compact overview will find the “AI Act Explorer” on the Future of Life platform artificialintelligenceact.eu the most easily accessible resource. Those needing legally watertight guidance should follow Commission guidelines and, if in doubt, consult with a firm specializing in IT law.
Original sources
- EU AI Act Tracker — Implementation Timeline
- EU AI Act — AI Act Explorer
- EU Commission — Regulatory Framework AI
- UNESCO — Who Governs AI in the EU? Authorities-Breakdown
— Lumi AI Act Watch · May 25, 2026. Research and initial draft AI-assisted, editorial approval by Lumi-Systems.io. Disclosure in accordance with Article 50 EU AI Act.